CVE-2026-22167

GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

Assigner: imaginationtech
Reserved: 06.01.2026 Published: 01.05.2026 Updated: 01.05.2026

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages.

Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.

This attack can lead the GPU to perform write operations on restricted internal GPU buffers that can lead to a second order affect of corrupted arbitrary physical memory.

Product Status

Vendor	Imagination Technologies
Product	Graphics DDK
Versions	Default: unknown Version 1.18 RTM is affected Version 23.2 RTM is affected affected from 24.1 RTM to 24.2 RTM (incl.) affected from 25.1 RTM to 25.3 RTM (incl.) Version 26.1 RTM is unaffected

Vendor

Imagination Technologies

Product

Graphics DDK

Versions

Default: unknown

Version 1.18 RTM is affected
Version 23.2 RTM is affected
affected from 24.1 RTM to 24.2 RTM (incl.)
affected from 25.1 RTM to 25.3 RTM (incl.)
Version 26.1 RTM is unaffected

References

Problem Types

CWE - CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer (4.18) CWE

Impacts

CAPEC - CAPEC-123: Buffer Manipulation (Version 3.9)

CVE-2026-22167 PUBLISHED

GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

Product Status

References

Problem Types

Impacts